Nmap Network Scanning

Linux Distributions

Chapter 2. Obtaining, Compiling, Installing, and Removing Nmap

Linux Distributions

Linux is the most popular platform for running Nmap. In one user
survey, 86% said that Linux was at least one of the platforms on which
they run Nmap. The first release of Nmap in
1997 only ran on Linux.

Linux users can choose between a source code install or using
binary packages provided by their distribution or Insecure.Org. The
binary packages are generally quicker and easier to install, and are
often slightly customized to use the distribution's standard directory
paths and such. These packages also allow for consistent management
in terms of upgrading, removing, or surveying software on the system.
A downside is that packages created by the distributions are
necessarily behind the Nmap.Org source releases. Most Linux
distributions keep their Nmap package
relatively current, though a few are way out of date. Choosing the
source install allows for more flexibility in determining how Nmap is
built and optimized for your system. To build Nmap from source, see
the section called “Linux/Unix Compilation and Installation from Source Code”. Here are simple package instructions
for the most common distributions.

RPM-based Distributions (Red Hat, Mandrake, SUSE, Fedora)

I build RPM packages for every release of Nmap and post them to
the Nmap download page at http://nmap.org/download.html.
I build two packages: The nmap package contains
just the command-line executable and data files, while the
zenmap package contains the optional Zenmap
graphical frontend (see Chapter 12, Zenmap GUI Users' Guide).
The zenmap package requires
that the nmap package be installed first.

Installing via RPM is quite easy—it
even downloads the package for you when given the proper URLs. The following example downloads and installs Nmap 4.68, including the frontend. Of course you should use the latest version at the download site above instead. Any existing RPM-installed versions are
upgraded. Example 2.8 demonstrates this installation process.

As the filenames above imply, these binary RPMs were created for normal PCs (x86 architecture). I also distribute x86_64 binaries for 64-bit Linux users. These binaries won't work for the relatively few Linux users on other platforms such as SPARC, Alpha, or PowerPC. They also may refuse to install if your library versions are sufficiently different from what the RPMs were initially built on. One option in these cases would be to find binary RPMs prepared by your Linux vendor for your specific distribution. The original install CDs or DVD are a good place to start. Unfortunately, those may not be current or available. Another option is to install Nmap from source code as described previously, though you lose the binary package maintenance consistency benefits. A third option is to build and install your own binary RPMs from the source RPMs distributed from the download page above. Example 2.9 demonstrates this technique with Nmap 4.68.

It is not necessary to rebuild Zenmap in this fashion because the
Zenmap RPM is architecture-independent (“noarch”). For that
reason there are no Zenmap source RPMs.

Removing RPM packages is as easy as rpm -e nmap zenmap.

Updating Red Hat, Fedora, Mandrake, and Yellow Dog Linux with Yum

The Red Hat, Fedora, Mandrake, and Yellow Dog Linux
distributions have an application named Yum
which manages software installation and updates from central RPM
repositories. This makes software installation and updates trivial.
Since distribution-specific Yum repositories are normally used, you
know the software has already been tested for compatibility with your
particular distribution. Most distributions do maintain Nmap in their
Yum repository, but they don't always keep it up to date. This is
particularly problematic if you (like most people) don't always
quickly update to the latest release of your distribution. If you are
running a two-year old Linux release, Yum will often give you a
two-year-old version of Nmap. Even the latest version of
distributions often take months to update to a new Nmap release. So
for the latest version of Nmap on these systems, try the RPMs we
distribute as described in the previous section. But if our
RPMs aren't compatible with your system or you are in a great hurry,
installing Nmap from Yum is usually as simple as executing
yum install nmap (run yum install nmap zenmap
if you would like the GUI too, though some distributions don't yet package Zenmap). Yum takes care of contacting a
repository on the Internet, finding the appropriate package for
your architecture, and then installing it along with any necessary
dependencies. This is shown (edited for brevity) in Example 2.10. You can later perform
yum update to install available updates to Nmap and other
packages in the repository.

Sometimes Debian's Nmap releases are a year or more behind the current Nmap version. One option for obtaining the latest release is to compile from source code, as described in the section called “Linux/Unix Compilation and Installation from Source Code”. Another option is to download the RPM-format binaries from the Nmap download page, convert them to deb packages using the alien command, and then install them using dpkg, as described in the following list: